5ef5b39bd4
Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed. Some OpenSSH developers don't consider this a security issue: https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> |
||
|---|---|---|
| .. | ||
| 0001-fix-pam-uclibc-pthreads-clash.patch | ||
| 0002-fix-howmany-include.patch | ||
| Config.in | ||
| openssh.hash | ||
| openssh.mk | ||
| S50sshd | ||
| sshd.service | ||